Riverbed, working with the Department of Defense (DoD) and the Defense Information’s Security Agency (DISA) has developed the Riverbed SteelHead STIG. A STIG is the configuration guide for deploying Riverbed products into a DoD environment so that they qualify as an Information Assurance (IA) or IA-enabled device (that is, the operating system, network appliance, application, software, and so on). The STIG outlines the recommended procedures, configuration steps, and administrative activities, that should be followed to secure the SteelHead.

The SteelHead WAN optimization solution consists of the Riverbed Optimization System (RiOS) software and the SteelHead hardware or virtual appliance. The primary difference between the hardware appliances in the series is the number of WAN ports available and bandwidth capabilities. The RiOS software can also be hosted on a customer-provided host and implemented using a virtual appliance.

While the SteelHead v8.6 Network Device Management (NDM) STIG can be used to secure the management functions of all SteelHead products that use RiOS 8.x.x, the scope of the application layer gateway (ALG) STIG includes only SteelHead CX implementations.

For detailed information about the DoD Instruction (DoDI) 8500.01, see the SteelHead STIG on the DoD Cyber Exchange website at http://public.cyber.mil/stigs.